@@ -277,50 +277,63 @@ followed by the packed items.
277277Concurrency
278278-----------
279279
280- The entry tree and each posting treeis a B-tree , with right-links connecting
280+ The entry tree and each posting treeare B-trees , with right-links connecting
281281sibling pages at the same level. This is the same structure that is used in
282282the regular B-tree indexam (invented by Lehman & Yao), but we don't support
283283scanning a GIN trees backwards, so we don't need left-links.
284284
285285To avoid deadlocks, B-tree pages must always be locked in the same order:
286- left to right, and bottom to top. When searching, the tree is traversed from
287- top to bottom, so the lock on the parent page must be released before
286+ left to right, and bottom to top. The exception is page deletion during vacuum,
287+ which would be considered separately. When searching, the tree is traversed
288+ from top to bottom, so the lock on the parent page must be released before
288289descending to the next level. Concurrent page splits move the keyspace to
289290right, so after following a downlink, the page actually containing the key
290291we're looking for might be somewhere to the right of the page we landed on.
291292In that case, we follow the right-links until we find the page we're looking
292- for.
293-
294- To delete a page, the page's left sibling, the target page, and its parent,
295- are locked in that order, and the page is marked as deleted. However, a
296- concurrent search might already have read a pointer to the page, and might be
297- just about to follow it. A page can be reached via the right-link of its left
298- sibling, or via its downlink in the parent.
293+ for. In spite of searches, insertions keeps pins on all pages in path from
294+ root to the current page. These pages potentially requies downlink insertion,
295+ while pins prevent them from being deleted.
296+
297+ Vacuum never deletes tuples or pages from the entry tree. It traverses entry
298+ tree leafs in logical order by rightlinks and removes deletable TIDs from
299+ posting lists. Posting trees are processed by links from entry tree leafs. They
300+ are vacuumed in two stages. At first stage, deletable TIDs are removed from
301+ leafs. If first stage detects at least one empty page, then at the second stage
302+ ginScanToDelete() deletes empty pages.
303+
304+ ginScanToDelete() scans posting tree to delete empty pages, while vacuum holds
305+ cleanup lock on the posting tree root. This lock prevent concurrent inserts,
306+ because inserters hold a pin on the root page. In spite of inserters searches
307+ don't hold pin on root page. So, while new searches cannot begin while root page
308+ is locked, any already-in-progress scans can continue concurrently with vacuum.
309+
310+ ginScanToDelete() does depth-first tree scanning while keeping each page in path
311+ from root to current page exclusively locked. It also keeps left sibling of
312+ each page in the path locked. Thus, if current page is to be removed, all
313+ required pages to remove both downlink and rightlink are already locked.
314+ Therefore, page deletion locks pages top to bottom and left to right breaking
315+ our general rule. But assuming there is no concurrent insertions, this can't
316+ cause a deadlock.
317+
318+ During replay od page deletion at standby, the page's left sibling, the target
319+ page, and its parent, are locked in that order. So it follows bottom to top and
320+ left to right rule.
321+
322+ A search concurrent to page deletion might already have read a pointer to the
323+ page to be deleted, and might be just about to follow it. A page can be reached
324+ via the right-link of its left sibling, or via its downlink in the parent.
299325
300326To prevent a backend from reaching a deleted page via a right-link, when
301- following a right-link the lock on the previous page is not released until
302- the lock on next page has been acquired.
303-
304- The downlink is more tricky. A search descending the tree must release the
305- lock on the parent page before locking the child, or it could deadlock with
306- a concurrent split of the child page; a page split locks the parent, while
307- already holding a lock on the child page. So, deleted page cannot be reclaimed
308- immediately. Instead, we have to wait for every transaction, which might wait
309- to reference this page, to finish. Corresponding processes must observe that
310- the page is marked deleted and recover accordingly.
311-
312- The previous paragraph's reasoning only applies to searches, and only to
313- posting trees. To protect from inserters following a downlink to a deleted
314- page, vacuum simply locks out all concurrent insertions to the posting tree,
315- by holding a super-exclusive lock on the posting tree root. Inserters hold a
316- pin on the root page, but searches do not, so while new searches cannot begin
317- while root page is locked, any already-in-progress scans can continue
318- concurrently with vacuum. In the entry tree, we never delete pages.
319-
320- (This is quite different from the mechanism the btree indexam uses to make
321- page-deletions safe; it stamps the deleted pages with an XID and keeps the
322- deleted pages around with the right-link intact until all concurrent scans
323- have finished.)
327+ following a right-link the lock on the previous page is not released until the
328+ lock on next page has been acquired.
329+
330+ The downlink is more tricky. A search descending the tree must release the lock
331+ on the parent page before locking the child, or it could deadlock with a
332+ concurrent split of the child page; a page split locks the parent, while already
333+ holding a lock on the child page. So, deleted page cannot be reclaimed
334+ immediately. Instead, we have to wait for every transaction, which might wait to
335+ reference this page, to finish. Corresponding processes must observe that the
336+ page is marked deleted and recover accordingly.
324337
325338Compatibility
326339-------------